Óscar Mortágua Pereira

CRUD-DOM: A Model for Bridging the Gap between the Object-Oriented and the Relational Paradigms

Based on experimental SHCCT diagram of 9% Ni steel, parameters of Leblond model and Koistinen-Marburger model for phase transformation were presented. With SYSWELD software, the presented parameters were verified and confirmed to be effective for simulation of phase transformation in HAZ of 9% Ni steel. Using the verified phase transformation models, simulation of phase transformation in HAZ under different welding conditions was performed and calculation results proved to correspond to reality. Results showed that martensite developed in coarse-grained HAZ after welding. Phase transformation was influenced by welding parameters and took a certain period of time to complete.the development of database applications comprises three different tiers: application tier, database tier and finally the middle tier also known as the data access layer. The development of each tier per-se entails many challenges. Very often the most difficult challenges to be addressed derive from non-functional requirements, as productivity, usability, performance, reliability, high-availability and transparency. This paper is focused on defining and presenting a model for the data access layer aimed to integrate object-oriented application tiers and relational database tiers. The model addresses situations on which users need to explicitly write down complex static Create, Read, Update and Delete (CRUD) expressions and simultaneously get advantages regarding some non-functional requirements. The model, known as CRUD Data Object Model (CRUD-DOM), tackles the following nonfunctional requirements: performance, usability and productivity. The main contributions of this paper are threefold: 1) to present the CRUD-DOM model; 2) to carry out an enhanced performance assessment based on a case study; 3) to present a tool, called CRUD Manager (CRUD-M), which provides automatic code generation with complementary support for software test and maintenance. The main outcome of this paper is the evidence that the pair CRUD-DOM and CRUD-M effectively addresses productivity, performance and usability requirements in the aforementioned context.

Assessment of a Enhanced ResultSet Component for accessing relational databases

Call Level Interfaces (CLI) provide services aimed at easing the integration of database components and components from client applications. CLI support native SQL statements keeping this way expressiveness and performance of SQL. Thus, they cannot be discarded as a valid option whenever SQL expressiveness and SQL performance are considered key requirements. Despite the aforementioned performance advantage, CLI do not comprise other important performance features, as concurrency over the in-memory data. In this paper we present and assess a component that is a concurrent version of the ResultSet interface from the JDBC API. Several threads may interact simultaneously in the same instance of the ResultSet in a concurrent fashion and can be simultaneously connected to the underlying database. The main contributions of this paper are twofold: i) the design of an Enhanced ResultSet Component to provide a concurrent access to relational databases; ii) the evaluation of its performance. The Enhaced ResultSet performance will be assessed in a real scenario. The outcome shows that the gain in performance may increase until 80%.

A Concurrent Tuple Set Architecture for Call Level Interfaces

Call Level Interfaces (CLI) are low level API aimed at providing services to connect two main components in database applications: client applications and relational databases. Among their functionalities, the ability to manage data retrieved from databases is emphasized. The retrieved data is kept in local memory structures that may be permanently connected to the host database. Client applications, beyond the ability to read their contents, may also execute Insert, Update and Delete actions over the local memory structures, following specific protocols. These protocols are row (tuple) oriented and, while being executed, cannot be preempted to start another protocol. This restriction leads to several difficulties when applications need to deal with several tuples at a time. The most paradigmatic case is the impossibility to cope with concurrent environments where several threads need to access to the same local memory structure instance, each one pointing to a different tuple and executing its particular protocol. To overcome the aforementioned fragility, a Concurrent Tuple Set Architecture (CTSA) is proposed to manage local memory structures. A performance assessment of a Java component based on JDBC (CLI) is also carried out and compared with a common concurrent approach. The main outcome of this research is the evidence that in concurrent environments, components relying on the CTSA may significantly improve the overall performance when compared with solutions based on standard JDBC API.

Reusable business tier architecture driven by a wide typed service

Call Level Interfaces (CLI) are difficult to use mainly in intensive database applications with many Create, Read, Update and Delete (CRUD) expressions. As low level API, they are not suited to promote the development process of business tiers as reusable components, leading to the need of writing additional source code whenever a new CRUD expression is needed. To tackle this gap, this paper proposes an architecture for building reusable business tier components herein referred to as Reusable Business Tier Architecture (RBTA). It relies on a single customizable wide typed service to address a business area, such as accounting. The typed service is able to manage all the required CRUD expressions for that business are, which are deployed at runtime in accordance with the users needs. The only constraint is that the required service to manage each CRUD expression must be a sub-set of the implemented wide typed service. A proof of concept based on Java Database Connectivity (JDBC) is also presented.

ABC Architecture: A New Approach to Build Reusable and Adaptable Business Tier Components Based on Static Business Interfaces

Currently, programmers of database applications use standard API and frameworks as artifacts to develop business tiers aimed at integrating the object-oriented and the relational paradigms. These artifacts provide programmers with the necessary services to develop business tiers. In this paper we propose a new architecture based on general Call Level Interfaces from which reusable and Adaptable Business tier Components (ABC) may be developed. Each individual ABC component is able to manage SQL statements of any complexity, deployed at run-time, and also to provide tailored services to each SQL statement. To accomplish this goal, the only requirement is that the schema of each deployed SQL statement must be in conformance with one of the pre-defined static schemas (interfaces) of the recipient ABC component. The main contributions of this paper are threefold: 1) to present the new architecture based on general Call Level Interfaces on which ABC components are based, 2) to show that the source code of ABC components may be automatically built by a tool and 3) to present a concrete example of ABC based on JDBC. The main outcome of this paper is the evidence that the presented architecture is an effective approach to build reusable and adaptable business tiers components to bridge the object-oriented and the relational paradigms.

Secure, Dynamic and Distributed Access Control Stack for Database Applications

In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.

Role-Based Access control mechanisms

Most of the security threats in relational database applications have their source in client-side systems when they issue requests formalized by Create, Read, Update and Delete (CRUD) expressions. If tools such as ODBC and JDBC are used to develop business logics, then there is another source of threats. In some situations the content of data sets retrieved by Select expressions can be modified and then committed into the host databases. These tools are agnostic regarding not only database schemas but also regarding the established access control policies. This situation can hardly be mastered by programmers of business logics in database applications with many and complex access control policies. To overcome this gap, we extend the basic Role-Based Access policy to support and supervise the two sources of security threats. This extension is then used to design the correspondent RBAC model. Finally, we present a software architectural model from which static RBAC mechanisms are automatically built, this way relieving programmers from mastering any schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.

CTSA : Concurrent Tuple Set Architecture Extending Concurrency to Call Level Interfaces

Call Level Interfaces (CLI) provide a set of functionalities to ease the connection between client applications and relational databases. Among them, the management of data retrieved from databases is emphasized. The retrieved data is kept in local memory structures (LMS) that allow client applications to read it and modify it through protocols. They are row (tuple) oriented and, while being executed, they cannot be preempted to start another protocol. This restriction leads to several difficulties when applications need to deal with several tuples at a time, namely in concurrent environments where several threads need to access to the same LMS instance, each one pointing to a different tuple and executing its particular protocol. To overcome this drawback, a Concurrent Tuple Set Architecture (CTSA) is proposed for LMS. A performance assessment is also carried out. The outcome is the evidence that in concurrent environments, the CTSA significantly improve the overall performance. CTSA: Concurrent Tuple Set Architecture Extending Concurrency to Call Level Interfaces

BTA: architecture for reusable business tier components with access control

Currently, business tiers for relational database applications are mostly built from software artifacts, among which Java Persistent API, Java Database Connectivity and LINQ are three representatives. Those software artifacts were mostly devised to address the impedance mismatch between the object-oriented and the relational paradigms. Key aspects as reusable business tier components and access control to data residing inside relational databases have not been addressed. To tackle the two aspects, this research proposes an architecture, referred to here as Business Tier Architecture (BTA), to develop reusable business tier components which enforce access control policies to data residing inside relational databases management systems. Besides BTA, this paper also presents a proof of concept based on Java and on Java Database Connectivity (JDBC).

AN ADAPTABLE BUSINESS COMPONENT BASED ON PRE-DEFINED BUSINESS INTERFACES

Object-oriented and relational paradigms are simply too different to bridge seamlessly. Architectures of database applications relying on three tiers need business tiers to bridge application tiers and database tiers. Business tiers hide all the complexity to convert data between the other two tiers easing this way programmers’ work. Business tiers are critical components of database applications not only for their role but also for the effort spent on their development and their maintenance. In this paper we propose an adaptable business component (ABC) able to manage SQL statements on behalf of other components. Other components may create in run-time a pool of SQL statements of any complexity and delegate their management to the ABC component. The only constraint is that the SQL statements schema must be in conformance with one of the predefined schemas (interfaces) provided by the ABC component. The main contribution of this paper is twofold: 1) the presentation of an adaptable business component and 2) to show that the ABC source code may be automatically generated. The main outcome of this paper is the evidence that the ABC component is an effective alternative approach to build business tiers to bridge object-oriented and relational paradigms.